Apple's App Store Has Had Its First Major Hack

Update: On Tuesday, Apple confirmed that it will be reaching out to customers who downloaded the affected apps. Apple recommends that users who downloaded a compromised app reset their iCloud and account passwords as a precautionary measure.

After years of a blissfully secure app ecosystem, Apple has fallen victim to its first major malware attack. This past Sunday, the company revealed it had scrubbed its App Store of several hundred primarily Chinese applications unintentionally embedded with malicious software.

A number of well-meaning developers downloaded a fake version of Xcode, the integrated development environment (IDE) that coders use to build iOS apps. Developers were likely lured into using the counterfeit version, XcodeGhost, because it downloaded more quickly from a local Chinese server than from a slower, faraway U.S. server (they thought it was a mirror download). The apps affected by the malware include a handful of China's most popular titles — an older version of WeChat, and Didi Kuaidi, the country's version of Uber, to name two.

Before the development of XcodeGhost, only five apps in the official App Store had been found to contain any kind of malware, according to data obtained by Reuters. Apple has a detailed and rigorous review process for new apps, so it seems likely that the malware — which thus far hasn't actually been reported to have done anything malicious, such as stealing user data — must have been very subtle and embedded deep within the affected apps' source code. This is the first major oversight on the part of Apple's app review process.

Apple hasn't yet revealed exactly how many apps were affected by the breach, or how users can tell if their iPhone or iPad might be infected. The best safeguard we can suggest for now: Update all your apps — especially if you haven't done so in a while.